Commit 64ed55ab033f1bfa795d46f0ecc61c313204b418 - openssl

hkdf zeroization fix Reviewed-by: Paul Yang <yang.yang@baishancloud.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7106) Shane Lontis authored 5 years ago Pauli committed 5 years ago

1 changed file(s) with 7 addition(s) and 7 deletion(s). Raw diff Collapse all Expand all

-7

crypto/kdf/hkdf.c less more

280	280	unsigned char *okm, size_t okm_len)
281	281	{
282	282	HMAC_CTX *hmac;
	283	unsigned char *ret = NULL;
283	284
284	285	unsigned int i;
285	286

329	330
330	331	done_len += copy_len;
331	332	}
332
	333	ret = okm;
	334
	335	err:
	336	OPENSSL_cleanse(prev, sizeof(prev));
333	337	HMAC_CTX_free(hmac);
334		return okm;
335
336		err:
337		HMAC_CTX_free(hmac);
338		return NULL;
339		}
	338	return ret;
	339	}